RE:CVE-2021-44228 and Jitsi components

Hey :wave:
I have one question to log4j. We are using colibri stats and i see that callstats are affected by the log4j exposure. Is callstats and colibri the same or not? And is the colibri service affected?

thanks you
Marius

Colibri is the protocol supported by JVB and is not the same as thing as Callstats.

AFAIK, you should be able to continue using Colibri stats and disable Callstats and not be exposed to that CVE.

1 Like

You can find more information here:

2 Likes

thank you guys for the quick reply :+1: